AU-05 Response To Audit Processing Failures

Audit and Accountability

Low Moderate High

Description

The information system alerts appropriate organizational officials in the event of an audit processing failure and takes the following additional actions: [Assignment: organization-defined actions to be taken (e.g., shut down information system, overwrite oldest audit records, stop generating audit records)].\n

Supplemental Guidance

Audit processing failures include, for example, software/hardware errors, failures in the audit capturing mechanisms, and audit storage capacity being reached or exceeded. Related security control: AU-4.\n

Changes from Rev 4

Title changed from ‘Response to Audit Processing Failures' Adds parameter text to alert within a specific time period Discussion added regarding audit logging process failure related to storage

AU-05 Response To Audit Processing Failures

Description

Supplemental Guidance

Changes from Rev 4

Enhancements

Compliance Mappings

ISO 17799 (legacy)

COBIT 4.1 (legacy)